<?php

 require_once("globals.php");
 require_once("functions.php");

  $user=$_POST['user'];
  $pass=$_POST['pass'];
   
  if (check_login_uncrypted($user,$pass)) { 
  
  	 $db_res = mysql_query("SELECT * FROM ".DB_TABLE_LOGIN." WHERE user='".mysql_real_escape_string($user)."' AND pass=PASSWORD('".mysql_real_escape_string($pass)."')");
	 $user_array=mysql_fetch_array($db_res);
  	 $_SESSION["session_user"]= $user_array['user'];
 	 $_SESSION["session_pass"]= $user_array['pass'];
  	 $_SESSION["session_active"]= $user_array['active'];
 	 $_SESSION["session_banned"]= $user_array['banned'];
	 $_SESSION["session_rights"]= $user_array['rights'];
	    
	if ($_SESSION["session_rights"]>1) header("Location:index.php");
	else header("Location:pending.php");
  }

 else header("Location:error.php");


?>